A report by the Department for Digital, Culture, Media and Sport and the National Cyber Security Centre (NCSC) claimed that in the case of more than half (57 percent) of businesses who had suffered a recent breach, the incident had first been spotted by staff rather than by software.
As a result, the report is calling for smaller firms to train more staff as specialists in how to identify and stop attacks from hackers.
According to the research, the average cyber attack on small business costs £900.
Clare Gardiner, director of engagement at the NCSC, said: “Identifying a ‘cybersecurity champion’ in your company is a great way to help avoid a damaging cyber attack or data breach on your business.
“They don’t need to be a technical expert, as we offer some great free advice in the Small Business Guide.
“It is important to pick the right person – for example, someone good at motivating staff – and give them the tools and support to raise awareness and implement good cybersecurity measures. We’re encouraging all small businesses to use the new financial year to have a #CyberSpringClean and get staff involved with protecting the business against hackers.”
The research suggests 42 percent of small businesses have experienced a cyber attack in the last year, with 68 percent of those asked citing it as a high priority.
But only 35 percent were found to have staff whose job role included internet security or governance.
Digital minister Margot James said: “The UK is home to millions of successful small companies, but we know that protecting against cyber attacks is hard to do while juggling all the other issues involved in running a business.
“We want to make it as easy as possible for small businesses to benefit from being online and to do so safely, which is why we’re working closely with the National Cyber Security Centre to promote the practical steps firms can take.
“I would urge all SMEs (Small and Medium Enterprises) to download our free Small Business Guide to help make sure that they don’t fall victim to a cyber attack.”
Felicity Burch, CBI Director of Innovation, said: “With cyber threats lurking around every corner, firms must proactively assess the risks out there and take action to protect themselves and their customers. The challenge remains to turn cyber awareness into action. This report underlines the importance of having a robust cyber incidence response plan. Firms that fail to could face severe risks to their business.”